With the advent of increasingly widespread computer usage, data communications have become a part of the daily lives of a significant and growing portion of the population. In the conduct of such data communications, particularly for such activities as banking by telephone, positive identification of the user becomes imperative.
Various techniques have been proposed for providing positive identification of users of data communications and processing systems.
U.S. Pat. No. 3,594,727 describes a credit card banking system in which a peripheral terminal receives separate identification codes from a credit card and from a secret number punched in by the customer. These codes are transmitted to a central location that verifies the pairing.
U.S. Pat. No. 3,798,605 describes a multi-terminal data processing system including apparatus for verifying the identity of subscribers and includes two embodiments. In one embodiment, termed a "password" system, all data or information originating at the terminal under use of the subscriber is enciphered in combination with the unique subscriber key. In the second embodiment, termed a "handshaking" system, the user and the central processor exchange a plurality of messages, each formed by a combination of new and prior received data, identifying the subscriber.
U.S. Pat. No. 3,764,742 describes a cryptographic idetification system which employs a "credit card" having a personalized read only storage device implemented thereon. The card holds the read only storage associated logic and devices to utilize the read only storage to generate pseudo-random strings of code data. The pseudo-random code is mixed with data which may be transmitted to a computer. The computer contains a pattern of the user's individual read only storage and it operates in sequence to generate the same pseudo random string of bits to decrypt the mixed encrypted data from the user. Access to the central processing unit is controlled by means of an access code memorized by the user.
U.S. Pat. No. 4,218,738 describes a method for authenticating the identity of a user of an information system which employs a verification pattern which is a function of a potential computer user's identity number, the potential computer user's separately entered password, and a stored test pattern. The verification pattern is generated under secure conditions to prevent compromise thereof.
There are known telecomputing keyboards of relatively small but not pocket size, with associated displays, and which are arranged for communication with a computer over ordinary telephone lines.
U.S. Pat. Nos. 4,295,039 and 4,277,837 describe a personal portable terminal for financial transactions, which is larger than pocket size and is designed for proximity engagement with a remote transaction terminal. In both embodiments, the memorized password is subject to compromise if access is gained to the remote transaction terminal.
U.S. Pat. No. 4,315,101 illustrates a method and apparatus for securing data transmissions which employs encryption of a verification code. The encryption method requires a synchronized communication regimen with feedback.